[Carbon-dev] What is the correct behavior regarding onSuccessAdminLogin() method in GovernanceListUIServiceComponent
Dimuthu Leelarathne
dimuthul at wso2.com
Tue Jan 17 01:01:52 EST 2012
Hi Eranda,
Looks like GovernanceListUI is doing a BE call when a user logs in without
checking his permission. In order to call operations in the GovernanceList
the user needs a /permission/admin/manage/
resources/govern/metadata/list premission.
So make sure before calling that method the user has the permission. You
have to look for an implementation of UIAuthenticationExtender interface
inside GovernanceListUI and do a permission check inside it before doing
the BE call.
CarobnUIUtil.isUserAuthorized
thanks,
dimuthu
On Tue, Jan 17, 2012 at 11:16 AM, Eranda Sooriyabandara <eranda at wso2.com>wrote:
> Hi Dimuthu,
> in component.xml /permission/admin/manage/resources/govern/metadata/list
> in services.xml /permission/admin/manage/resources/govern/metadata/list
>
> thanks
> Eranda
>
--
Dimuthu Leelarathne
Technical Lead
WSO2, Inc. (http://wso2.com)
email: dimuthul at wso2.com
Lean . Enterprise . Middleware
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.wso2.org/pipermail/carbon-dev/attachments/20120117/ddb090f3/attachment.html>
More information about the Carbon-dev
mailing list